package com.sinba.itsm.bugfix;

import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

import java.io.IOException;
import java.io.InputStream;
import java.util.logging.Level;
import java.util.logging.Logger;

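/**
 * Sanitizes untrusted HTML with OWASP AntiSamy, using the policy file
 * {@code xssRule.xml} loaded from the classpath.
 *
 * <p>The sanitizer fails closed: when the policy cannot be loaded or the scan
 * fails, the input is returned with its HTML metacharacters entity-encoded
 * instead of being handed back unmodified. Returning the raw value on error
 * would let any input that breaks the scanner, or any deployment missing the
 * policy file, bypass the filter entirely.
 */
public class XssClean
{
    private static final Logger LOGGER = Logger.getLogger( XssClean.class.getName(  ) );

    /** Classpath location of the AntiSamy policy. */
    private static final String POLICY_RESOURCE = "xssRule.xml";

    /**
     * Returns a sanitized copy of {@code value}.
     *
     * <p>The result is intended for insertion into an HTML document. It is not
     * a substitute for context-specific encoding in JavaScript, CSS or URL
     * contexts.
     *
     * @param value untrusted markup; may be {@code null}
     * @return the HTML produced by the AntiSamy scan; the entity-encoded input
     *         if the policy is missing or sanitization fails; {@code null} if
     *         {@code value} is {@code null}
     */
    public String xssClean( String value )
    {
        // Nothing to sanitize; hand null back so callers see the value they passed.
        if ( value == null )
        {
            return null;
        }

        InputStream policyStream = getClass(  ).getClassLoader(  ).getResourceAsStream( POLICY_RESOURCE );

        // getResourceAsStream signals a missing resource with null, not an exception.
        if ( policyStream == null )
        {
            LOGGER.log( Level.SEVERE,
                "AntiSamy policy {0} not found on the classpath; returning entity-encoded input",
                POLICY_RESOURCE );

            return escapeHtml( value );
        }

        // NOTE(review): the policy is parsed on every call; if this is a hot path,
        // consider loading it once - confirm Policy can be shared across threads first.
        try
        {
            Policy policy = Policy.getInstance( policyStream );
            CleanResults results = new AntiSamy(  ).scan( value, policy );

            return results.getCleanHTML(  );
        }
        catch ( ScanException e )
        {
            // The input itself is deliberately not logged: it is attacker-controlled.
            LOGGER.log( Level.SEVERE, "AntiSamy scan failed; returning entity-encoded input", e );
        }
        catch ( PolicyException e )
        {
            LOGGER.log( Level.SEVERE, "AntiSamy policy could not be loaded; returning entity-encoded input", e );
        }
        finally
        {
            closeQuietly( policyStream );
        }

        return escapeHtml( value );
    }

    /**
     * Entity-encodes the characters that are significant in HTML element
     * content and quoted attribute values.
     */
    private static String escapeHtml( String text )
    {
        StringBuilder encoded = new StringBuilder( text.length(  ) + 16 );

        for ( int i = 0; i < text.length(  ); i++ )
        {
            char c = text.charAt( i );

            switch ( c )
            {
                case '&':
                    encoded.append( "&amp;" );
                    break;
                case '<':
                    encoded.append( "&lt;" );
                    break;
                case '>':
                    encoded.append( "&gt;" );
                    break;
                case '"':
                    encoded.append( "&quot;" );
                    break;
                case '\'':
                    encoded.append( "&#39;" );
                    break;
                default:
                    encoded.append( c );
            }
        }

        return encoded.toString(  );
    }

    /** Closes the policy stream; a failure here does not affect the result. */
    private static void closeQuietly( InputStream stream )
    {
        try
        {
            stream.close(  );
        }
        catch ( IOException ignored )
        {
            LOGGER.log( Level.FINE, "Failed to close AntiSamy policy stream", ignored );
        }
    }
}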
